From the "Settings" menu, administrators can modify or manage various settings for the account as:
- Configuring single sign-on,
- Changing the application settings,
- Changing the password policy,
- Managing the properties library,
- Configure system-wide configuration properties in IoT Extension.
Configuring single sign-on¶
IoT Extension provides single sign-on functionality, that allows a user to log in with a single 3rd-party authorization server using the OAuth2 protocol. Currently authorization code grant is supported only with access tokens in form of JWT (JSON web tokens).
This feature is built on top of cookies technology. To be able to use it, you must have cookies enabled in the settings of your browser.
This feature is enabled since IoT Extension version 9.12. For correct behavior any microservice needs to use the microservice SDK with version 9.12 or later.
Before switching to the single sign-on option it is mandatory that:
- the authorization server you use supports OAuth2 authentication code grant,
- the access token is issued as JWT and you know what goes into the token content,
- the JWT must consist of a unique user identifier,
- the IoT Extension platform is in version 9.12 but preferably higher,
- all microservices are build with Microservice Java SDK 9.12.6 but preferably higher.
For on premises installation the domain-based environment resolution is configured properly.
Changing application settings¶
Click "Application" in the Settings menu to change applications settings.
Under "Default application", you can select a default application from the list which will apply to all users within the environment.
All users must have access to this application.
Under Access control, administrators can enable cross-origin resource sharing or "CORS" on the IoT Extension API.
- Set it to "*" to allow communication from any host.
- Set it to http://my.host.com, http://myother.host.com to allow applications from http://my.host.com and from http://myother.host.com to communicate with the platform.
For further information, see http://enable-cors.org.
Changing the password policy¶
To change password settings, click "Password" in the Settings menu.
Under "Password expiration", you can limit the validity of user passwords by specifying the number of days after which users have to change their passwords. If you do not want to force your users to change passwords, use "0" for unlimited validity of passwords (default value).
By default, users can use any password with eight characters or more. If you select "Enforce" that all password are "strong" (green), your users must provide strong passwords.
The password validity limit and the enforcing of strong passwords may not be editable, if configured by the platform administrator.
Strong (green) passwords must have "M" characters. By default, the system restricts the use of passwords already used in the past. The last "N" passwords provided by a user are remembered by the system and the system does not allow to use them. The default value for "N" is 10.
"M" and "N" can be configured by the platform administrator.
Click "Save" to apply your password settings.
Managing the properties library¶
In the "Properties" library, accessible from the "Settings" menu, custom properties can be added to inventory objects, alarms, events and environments.
With custom properties, you can extend the data model of IoT Extension built-in objects. You may create the following custom values:
- Custom inventory properties are used to extend the inventory data model. They can be used in the “Asset table” and “Asset properties” widgets.
- Custom environment properties are available during environment creation. The custom properties can be edited under Subtenants in the Custom properties tab of each environment. Additionally, these properties can be viewed and exported in the Usage statistics.
- Custom alarm and event properties can be used as custom fields which can be added to your reports and will be available in the "Export" page in the Cockpit application.
Custom properties are visible to all authenticated users of the environment, regardless of their inventory role permission.
Adding properties to the properties library:
To add a custom property, select the tab for the desired property and click "Add property".
In the upcoming form, provide a unique name as identifier and a label for the property and select its data type from the drop down list. Additionally, select validation rules for the new property:
|Required||If selected, the property needs to be provided, i.e. during alarm creation. Not available if the property type is "Boolean".|
|Default Value||Provide a default value to be automatically filled in the custom property field. Only available for properties with type "String".|
|Minimum||Enter a minimum integer value.|
|Maximum||Enter a maximum integer value.|
|Minimum length||Enter the minimum length required for the string.|
|Maximum length||Enter the maximum length required for the string.|
|Regular expression||Add a regular expression which will be required in order to fill the custom property field.|
Click "Save" to create the new property.
Click on the name of a property in the list to open it. To edit the property, enter the desired changes and click "Save" to save the settings. Click "Remove" to delete the property.
Entering OpenIT credentials¶
By providing OpenIT credentials you enable the platform to utilize SMS services provided by OpenIT.
SMS are used throughout the application for various features like two-factors authentication and user notifications, i.e. on alarms.